From 0f3d1baa3fd75d358f3d0dcffe9e79bf5ff42cb1 Mon Sep 17 00:00:00 2001
From: Illia Barkov <ibarkov@thingsboard.io>
Date: Thu, 25 Feb 2021 14:12:15 +0200
Subject: [PATCH] Added subject alternative names into key generation tool
 #4114 (#4163)

---
 tools/src/main/shell/keygen.properties | 1 +
 tools/src/main/shell/server.keygen.sh  | 9 ++++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/tools/src/main/shell/keygen.properties b/tools/src/main/shell/keygen.properties
index 0fb36d4524..d2733e5b7b 100644
--- a/tools/src/main/shell/keygen.properties
+++ b/tools/src/main/shell/keygen.properties
@@ -15,6 +15,7 @@
 #
 
 DOMAIN_SUFFIX="$(hostname)"
+SUBJECT_ALTERNATIVE_NAMES="ip:127.0.0.1"
 ORGANIZATIONAL_UNIT=Thingsboard
 ORGANIZATION=Thingsboard
 CITY=SF
diff --git a/tools/src/main/shell/server.keygen.sh b/tools/src/main/shell/server.keygen.sh
index e01b17b8b2..7679cbd812 100755
--- a/tools/src/main/shell/server.keygen.sh
+++ b/tools/src/main/shell/server.keygen.sh
@@ -86,6 +86,12 @@ fi
 
 echo "Generating SSL Key Pair..."
 
+EXT=""
+
+if [[ ! -z "$SUBJECT_ALTERNATIVE_NAMES" ]]; then
+  EXT="-ext san=$SUBJECT_ALTERNATIVE_NAMES "
+fi
+
 keytool -genkeypair -v \
   -alias $SERVER_KEY_ALIAS \
   -dname "CN=$DOMAIN_SUFFIX, OU=$ORGANIZATIONAL_UNIT, O=$ORGANIZATION, L=$CITY, ST=$STATE_OR_PROVINCE, C=$TWO_LETTER_COUNTRY_CODE" \
@@ -94,7 +100,8 @@ keytool -genkeypair -v \
   -storepass $SERVER_KEYSTORE_PASSWORD \
   -keyalg $SERVER_KEY_ALG \
   -keysize $SERVER_KEY_SIZE \
-  -validity 9999
+  -validity 9999 \
+  $EXT
 
 status=$?
 if [[ $status != 0 ]]; then